TechNews digests: Jan - Mar 2010

TechNews is a technology, news and analysis service aimed at anyone in the education sector keen to stay informed about technology developments, trends and issues. TechNews focuses on emerging technologies and other technology news. TechNews service : digests september 2004 till May 2010 Analysis pieces and News combined publish every 2 to 3 month

ANANAS - A Framework For Analyzing Android Applications

Android is an open software platform for mobile devices with a large market share in the smartphone sector. The openness of the system as well as its wide adoption lead to an increasing amount of malware developed for this platform. ANANAS is an expandable and modular framework for analyzing Android applications. It takes care of common needs for dynamic malware analysis and provides an interface for the development of plugins. Adaptability and expandability have been main design goals during the development process. An abstraction layer for simple user interaction and phone event simulation is also part of the framework. It allows an analyst to script the required user simulation or phone events on demand or adjust the simulation to his needs. Six plugins have been developed for ANANAS. They represent well known techniques for malware analysis, such as system call hooking and network traffic analysis. The focus clearly lies on dynamic analysis, as five of the six plugins are dynamic analysis methods.Comment: Paper accepted at First Int. Workshop on Emerging Cyberthreats and Countermeasures ECTCM 201

Automating NFC Message Sending for Good and Evil

Near Field Communication (NFC) is an emerging proximity wireless technology used for triggering automatic interactions between mobile devices. In standard NFC usage, one message is sent per device contact, then the devices must be physically separated and brought together again. In this paper, we present a mechanism for automatically sending multiple messages without any need to physically decouple the devices. After an introduction to NFC and related security issues, we discuss the motivation for—and an implementation of—an automation framework for sending repeated NFC messages without any need for human interaction. Then we consider how such an automated mechanism can be used for both a denial of service attack and as a platform for fuzz testing. We present experimental evidence on the efficacy of automated NFC as a vector for achieving these goals. We conclude with suggestions for future work and provide some overall insights

Problems and Solutions in Mobile Application Testing

Mobiilirakenduste testimise alaste teadusartiklite arv on viimastel aastatel visalt suurenenud. Samas testivad vähesed mobiilirakendustega tegelevad teadlased oma oletusi ja lahendusi firmades. Selle lõputöö eesmärgiks on pakkuda ülevaade teaduskirjanduses mainitud mobiilirakenduste testimisega seotud probleemidest ja potentsiaalsetest lahendustest ning kõrvutada seda alal igapäevaselt tegutsevate professionaalide arvamusega. Kõigepealt viiakse selle töö käigus läbi teaduskirjanduse uuring probleemide ja potentsiaalsete lahenduste väljaselgitamiseks, misjärel intervjueeritakse kuue mobiilirakenduste testimisega tegeleva firma esindajaid, et välja selgitada, kas kirjelduses esile toodud probleemid on olulised ka tööstuses. Intervjuude tulemusena selgus, et kuigi firmad hindavad probleemide tähtsust väga erinevalt, on siiski olemas mõned võtmeprobleemid, mida peetakse oluliseks nii teaduses kui ka tööstuses. Samas on teaduskirjanduses pakutud lahendused tihti liiga teoreetilised, üldised või vananenud, et firmade esindajatele huvi pakkuda.In recent years the amount of scientific papers published on the topic of mobile applications has significantly increased. However, few researchers test their assumptions and solutions in industry. This thesis aims to provide an overview of what current scientific literature considers problems and potential solutions in mobile application testing, and compare it to opinions of industry professionals. A literature review is performed to extract the list of problems and potential solutions, after which representatives of six Estonian companies involved in the field are interviewed to verify whether the problems and solutions proposed in the literature are relevant for industry. The study reveals that while the relevance of each problem is highly variable from one company to another, there are some key problems that are generally considered vital both by research and industry. However, the solution concepts proposed by scientific literature are often too theoretical, general or outdated to be of much interest to industry professionals

Identifying Failures in Mobile Devices

Mobile devices are well-known communication tools. People, especially young people, cannot go even one step without them. Technological advancements provide better features, but at the same time, such systems still face security risks. Protective layers do exist, but some systems are automated and engineered, while others rely on humans. This work begins with examining some critical points related to the weakest link in the security chain: the human factor. Errors are given in the view of the Swiss Cheese Model by emphasizing the role of latent conditions in “holes”. We found that the Swiss Cheese Model has some limitations. In order to enhance it, we have used the Failure Mode and Effect Analysis risk matrix methodology. Thus, we represent its application on mobile devices to demonstrate that it can give us more accurate results by identifying the most critical points where manufacturers should focus on. This work is based on qualitative data, and it provides the basis for quantitative research. In the end, we suggest that in order to obtain more accurate findings, the Failure Mode and Effect Analysis can be further extended

Surveillance and Steering of Agricultural Field using Zigbee

An agricultural automated system is designed for supervising and controlling the variegated factors s uch as humidity, water level, temperature and human machination. This system is a wireless sensor network using ZigBee as the transmission medium fo r the sensed values of the facets of agriculture. Sensors gather the various agricultural factors in real ti me and transmit it using IoT application .Internet of things collaborates with one another to perform action on behalf of people to reduce or eliminate the need of hu man labor. IoT will become a reality over the next few years, with omnipresent smart dev ices will be able to execute autonomously according to the change in their surroundings. There is also inclusion of the GSM gateway administering the sensor statistics from the coordinator to the router ZigBee, which is used to disseminate data to the web application. The coding was instigated with threshold values of the factors monitored and was programmed into micro - controller with uses IoT application to send an alert to the user mobile phone to be aware of the a dverse conditions of the field. I t also helps to control the condition to avoid the major loss of crops

A survey on online monitoring approaches of computer-based systems

This report surveys forms of online data collection that are in current use (as well as being the subject of research to adapt them to changing technology and demands), and can be used as inputs to assessment of dependability and resilience, although they are not primarily meant for this use